Re: __unused
At Fri, 03 Nov 2006 14:45:52 -0600, Hollis Blanchard wrote: > > On Wed, 2006-11-01 at 13:48 +0100, Johan Rydberg wrote: > > Hollis Blanchard <[EMAIL PROTECTED]> writes: > > > > > --- grub2-cvs.orig/include/grub/types.h 2006-10-31 19:06:47.0 > > > -0600 > > > +++ grub2-cvs/include/grub/types.h2006-10-31 19:06:58.0 > > > -0600 > > > @@ -23,6 +23,8 @@ > > > #include > > > #include > > > > > > +#define __unused __attribute__ ((unused)) > > > + > > > > First when I saw this it made me wanna comment on it, and tell you > > that defines should all be in uppercase. But then I poked through the > > code, and saw the usage of it, and it looked quite nice, with the > > exception of the __-prefix. There are a lot of "common" words that > > are keywords in C; inline, const and auto for example. Maybe we > > should make "unused" a reserved keyword in GRUB? That would allow > > us to write code like; > > I left it as "__unused" for now, to match Linux's usage. (We can change > it later if needed.) We need another name, the __unused name is used in stat.h for an unused member in struct stat. Grub-setup gives the following compiler error: gcc -Iutil/i386/pc -I/home/jeroen/cvs/grub2/util/i386/pc -I. -Iinclude -I/home/jeroen/cvs/grub2/include -Wall -W -DGRUB_LIBDIR=\"/usr/local/lib/grub/i386-pc\" -g -O2 -DGRUB_UTIL=1 -MD -c -o grub_setup-util_i386_pc_grub_setup.o /home/jeroen/cvs/grub2/util/i386/pc/grub-setup.c In file included from /usr/include/sys/stat.h:105, from /home/jeroen/cvs/grub2/util/i386/pc/grub-setup.c:43: /usr/include/bits/stat.h:103: error: expected identifier or ‘(’ before ‘[’ token /usr/include/bits/stat.h:164: error: expected identifier or ‘(’ before ‘[’ token make: *** [grub_setup-util_i386_pc_grub_setup.o] Error 1 Any ideas for a new name for the define? Something like "grub_unused"? Jeroen Dekkers ___ Grub-devel mailing list Grub-devel@gnu.org http://lists.gnu.org/mailman/listinfo/grub-devel
Re: Stack protection via GCC's `-fstack-protector'
Hi, Stefan Reinauer, le Wed 08 Nov 2006 23:36:44 +0100, a écrit : > * Samuel Thibault <[EMAIL PROTECTED]> [061108 23:14]: > > Thomas Schwinge, le Wed 08 Nov 2006 22:40:54 +0100, a écrit : > > > then cat gnumach-undef-bad; exit 2; else true; fi > > > stack_chk_fail > > > > > > Is it feasible to have the `-fstack-protector' functionality in GNU Mach > > > and GRUB2 (and how to do that, then) or shall we unconditionally pass > > > `-fno-stack-protector' if available? > > > > I'd say it shouldn't be very hard to provide a stack_chk_fail function, > > even if all it does is just panic(). > > wont this add unnecessary bloat to the binary? Just like to any binary of a distribution that would enable -fstack-protector by default. That's not our concern, that's the distribution's. Samuel ___ Grub-devel mailing list Grub-devel@gnu.org http://lists.gnu.org/mailman/listinfo/grub-devel
Re: Stack protection via GCC's `-fstack-protector'
Hi, * Samuel Thibault <[EMAIL PROTECTED]> [061108 23:14]: > Thomas Schwinge, le Wed 08 Nov 2006 22:40:54 +0100, a écrit : > > then cat gnumach-undef-bad; exit 2; else true; fi > > stack_chk_fail > > > > Is it feasible to have the `-fstack-protector' functionality in GNU Mach > > and GRUB2 (and how to do that, then) or shall we unconditionally pass > > `-fno-stack-protector' if available? > > I'd say it shouldn't be very hard to provide a stack_chk_fail function, > even if all it does is just panic(). wont this add unnecessary bloat to the binary? No, not the function calling panic. Or are we seriously concerned about buffer overflows in the bootloader? S. -- coresystems GmbH • Brahmsstr. 16 • D-79104 Freiburg i. Br. Tel.: +49 761 7668825 • Fax: +49 761 7664613 Email: [EMAIL PROTECTED] • http://www.coresystems.de/ ___ Grub-devel mailing list Grub-devel@gnu.org http://lists.gnu.org/mailman/listinfo/grub-devel
Re: Stack protection via GCC's `-fstack-protector'
Hello! On Wed, Nov 08, 2006 at 11:14:19PM +0100, Samuel Thibault wrote: > Thomas Schwinge, le Wed 08 Nov 2006 22:40:54 +0100, a ?crit : > > Is it feasible to have the `-fstack-protector' functionality in GNU Mach > > and GRUB2 (and how to do that, then) or shall we unconditionally pass > > `-fno-stack-protector' if available? > > I'd say it shouldn't be very hard to provide a stack_chk_fail function, > even if all it does is just panic(). Having had a look at glibc's implementation and its complexity ;-) that might indeed be a reachable goal (assuming that no other surprises show up): debug/stack_chk_fail.c #v+ [Copyright header.] #include #include extern char **__libc_argv attribute_hidden; void __attribute__ ((noreturn)) __stack_chk_fail (void) { /* The loop is added only to keep gcc happy. */ while (1) __libc_message (1, "*** stack smashing detected ***: %s terminated\n", __libc_argv[0] ?: ""); } #v- I'll give it a try. Regards, Thomas signature.asc Description: Digital signature ___ Grub-devel mailing list Grub-devel@gnu.org http://lists.gnu.org/mailman/listinfo/grub-devel
Re: Stack protection via GCC's `-fstack-protector'
Hi, Thomas Schwinge, le Wed 08 Nov 2006 22:40:54 +0100, a écrit : > then cat gnumach-undef-bad; exit 2; else true; fi > stack_chk_fail > > Is it feasible to have the `-fstack-protector' functionality in GNU Mach > and GRUB2 (and how to do that, then) or shall we unconditionally pass > `-fno-stack-protector' if available? I'd say it shouldn't be very hard to provide a stack_chk_fail function, even if all it does is just panic(). Samuel ___ Grub-devel mailing list Grub-devel@gnu.org http://lists.gnu.org/mailman/listinfo/grub-devel
Stack protection via GCC's `-fstack-protector'
[Please keep both and in the recipients list.] Hello! For some time, GCC now offers the following feature: info Gcc #v+ `-fstack-protector' Emit extra code to check for buffer overflows, such as stack smashing attacks. This is done by adding a guard variable to functions with vulnerable objects. This includes functions that call alloca, and functions with buffers larger than 8 bytes. The guards are initialized when a function is entered and then checked when the function exits. If a guard check fails, an error message is printed and the program exits. #v- I now happen to be running a GCC 4.1 installation which has that one enabled by default. Unfortunately, building GNU Mach and GRUB2 (didn't check GRUB legacy) is affected by that: GRUB2 #v+ [...] gcc -o kernel.exec kernel_img-kern_i386_pc_startup.o kernel_img-kern_main.o kernel_img-kern_device.o kernel_img-kern_disk.o kernel_img-kern_dl.o kernel_img-kern_file.o kernel_img-kern_fs.o kernel_img-kern_err.o kernel_img-kern_misc.o kernel_img-kern_mm.o kernel_img-kern_loader.o kernel_img-kern_rescue.o kernel_img-kern_term.o kernel_img-kern_i386_dl.o kernel_img-kern_i386_pc_init.o kernel_img-kern_parser.o kernel_img-kern_partition.o kernel_img-kern_env.o kernel_img-disk_i386_pc_biosdisk.o kernel_img-term_i386_pc_console.o kernel_img-symlist.o -nostdlib -Wl,-N,-Ttext,8200 -fno-builtin -mrtd -mregparm=3 -m32 kernel_img-kern_device.o: In function `grub_device_iterate': ../kern/device.c:142: undefined reference to `__stack_chk_fail' kernel_img-kern_disk.o: In function `grub_disk_write': ../kern/disk.c:553: undefined reference to `__stack_chk_fail' kernel_img-kern_misc.o: In function `grub_vsprintf': ../kern/misc.c:897: undefined reference to `__stack_chk_fail' kernel_img-kern_rescue.o: In function `grub_rescue_cmd_cat': ../kern/rescue.c:169: undefined reference to `__stack_chk_fail' kernel_img-kern_i386_pc_init.o: In function `grub_machine_set_prefix': ../kern/i386/pc/init.c:239: undefined reference to `__stack_chk_fail' kernel_img-kern_parser.o:../kern/parser.c:230: more undefined references to `__stack_chk_fail' follow collect2: ld returned 1 exit status make: *** [kernel.exec] Error 1 #v- GNU Mach #v+ [...] ld -u _start -r -o gnumach.o --start-group libkernel.a liblinux.a liblinux_pcmcia_cs_modules.a liblinux_pcmcia_cs_clients.a liblinux_pcmcia_cs_wireless.a nm -u gnumach.o | sed 's/ *U *//;s/^_*//' | sort -u > gnumach-undef sed '/^memcpy$/d; /^memmove$/d; /^memset$/d; /^bcopy$/d; /^bzero$/d; /^strchr$/d; /^strstr$/d; /^strsep$/d; /^strpbrk$/d; /^strtok$/d; /^htonl$/d; /^htons$/d; /^ntohl$/d; /^ntohs$/d; /^etext$/d; /^edata$/d; /^end$/d;' gnumach-undef > gnumach-undef-bad if test -s gnumach-undef-bad; \ then cat gnumach-undef-bad; exit 2; else true; fi stack_chk_fail make[2]: *** [clib-routines.o] Error 2 make[2]: Leaving directory `/fs/data/mount/home/thomas/tmp/source/gnumach/gnumach-1-branch/build' make[1]: *** [all-recursive] Error 1 make[1]: Leaving directory `/fs/data/mount/home/thomas/tmp/source/gnumach/gnumach-1-branch/build' make: *** [all] Error 2 #v- Is it feasible to have the `-fstack-protector' functionality in GNU Mach and GRUB2 (and how to do that, then) or shall we unconditionally pass `-fno-stack-protector' if available? Regards, Thomas signature.asc Description: Digital signature ___ Grub-devel mailing list Grub-devel@gnu.org http://lists.gnu.org/mailman/listinfo/grub-devel